This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/LcQYQEvM4a5AJp3iWmSpTcnbICc.roa File: LcQYQEvM4a5AJp3iWmSpTcnbICc.roa (raw, json) Hash identifier: cvXNT8zpepbj0tCgfQj746IMhfUTmzfkKyU2QbrqAr0= Subject key identifier: 2D:C4:18:40:4B:CC:E1:AE:40:26:9D:E2:5A:64:A9:4D:C9:DB:20:27 Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058 Certificate serial: 019B7E394C6AB626802EB46D8A71214B10E7 Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/LcQYQEvM4a5AJp3iWmSpTcnbICc.roa Signing time: Fri 02 Jan 2026 10:20:42 +0000 ROA not before: Fri 02 Jan 2026 10:20:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210103 IP address blocks: 2a0c:b641:90::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:4c:6a:b6:26:80:2e:b4:6d:8a:71:21:4b:10:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=05976801363d375786152e4d061e75c8beb35058 Validity Not Before: Jan 2 10:20:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2dc418404bcce1ae40269de25a64a94dc9db2027 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:53:0e:ab:92:31:67:8e:8e:89:9c:fb:1d:99: bf:92:f0:44:b9:de:6e:2a:19:81:e1:09:68:9b:aa: ff:6f:f9:2c:45:c8:ed:8c:cb:a1:bc:9f:8a:33:2e: 15:ae:06:96:0b:4d:7b:de:72:bd:e7:11:6d:e1:7b: e0:5d:b6:5c:d5:f8:ea:ca:56:b2:21:4a:4c:74:c9: 8a:77:0a:e1:eb:2f:8e:54:fc:8d:91:d9:9d:a6:46: 71:68:df:3f:43:e3:eb:0d:95:e6:77:8a:88:12:25: 48:86:28:ed:ab:a6:82:75:36:96:9f:45:e9:ce:b4: b7:11:99:7d:f3:b4:b6:44:6b:08:14:0f:c6:e9:27: 18:d6:d6:73:2b:83:13:8d:f8:5e:e1:e3:a9:fe:e4: 80:cc:a6:1b:eb:87:a0:8c:66:5a:c6:e7:ab:3b:75: 4d:ab:1f:c3:38:21:e9:11:1c:ff:8d:4c:e0:57:f9: 9f:22:3d:1f:be:48:1b:fb:e0:21:7e:97:42:3e:da: c6:22:59:0f:dd:33:d9:78:53:5d:39:7d:ef:ed:a4: 8d:5c:a8:64:0a:37:b4:c8:e1:5e:40:a2:51:72:52: a8:42:49:6d:66:c6:df:fb:d1:64:a1:a2:b3:17:22: cd:a1:4f:4f:da:5a:a6:82:23:a4:fa:6f:fd:07:0f: 05:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:C4:18:40:4B:CC:E1:AE:40:26:9D:E2:5A:64:A9:4D:C9:DB:20:27 X509v3 Authority Key Identifier: keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/LcQYQEvM4a5AJp3iWmSpTcnbICc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:b641:90::/44 Signature Algorithm: sha256WithRSAEncryption 76:21:8d:43:b4:29:61:57:40:92:84:72:4e:1c:c7:95:21:fd: c4:24:b7:97:dd:3a:c4:7e:63:54:c0:d7:18:f8:1e:ec:fd:b1: 19:57:cf:fe:f1:2d:a5:46:76:ad:98:57:18:44:51:fd:49:8d: c5:81:fe:0d:dc:dd:4d:e6:ad:6a:31:90:56:d6:7f:a0:44:af: 4b:3b:d5:65:37:46:c3:18:80:de:1f:66:50:6e:e4:31:16:ff: c9:a3:2c:53:17:c5:67:8b:ac:b4:bd:e4:20:b4:7e:f5:dc:b0: dc:ae:19:96:31:1c:78:e6:65:32:06:6d:9e:05:69:e5:6d:c7: 88:d8:02:e5:b5:16:1c:0f:2b:29:2d:20:34:21:24:7e:f5:6a: 9b:1f:44:ff:02:c8:07:21:28:e9:fd:d6:1f:98:8a:32:e9:dd: c7:cf:5c:78:91:86:df:7a:42:ba:63:93:77:c8:b6:48:95:bc: 40:62:53:fb:56:c1:9b:eb:85:55:4d:13:30:90:ed:57:bd:e0: 00:3c:e8:4a:58:ff:e0:0e:98:03:aa:79:b4:64:c1:db:90:24: 58:9a:03:87:2b:d3:9f:fd:ba:79:b7:ed:c1:d5:fd:be:b1:d6: 84:c2:7d:bb:52:cd:5c:71:80:42:c6:51:c1:bc:72:a1:bb:36: 25:3c:bf:bd -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+OUxqtiaALrRtinEhSxDnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi MzUwNTgwHhcNMjYwMTAyMTAyMDQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZGM0MTg0MDRiY2NlMWFlNDAyNjlkZTI1YTY0YTk0ZGM5ZGIyMDI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1MOq5IxZ46OiZz7HZm/kvBEud5u KhmB4Qlom6r/b/ksRcjtjMuhvJ+KMy4VrgaWC0173nK95xFt4XvgXbZc1fjqylay IUpMdMmKdwrh6y+OVPyNkdmdpkZxaN8/Q+PrDZXmd4qIEiVIhijtq6aCdTaWn0Xp zrS3EZl987S2RGsIFA/G6ScY1tZzK4MTjfhe4eOp/uSAzKYb64egjGZaxuerO3VN qx/DOCHpERz/jUzgV/mfIj0fvkgb++AhfpdCPtrGIlkP3TPZeFNdOX3v7aSNXKhk Cje0yOFeQKJRclKoQkltZsbf+9FkoaKzFyLNoU9P2lqmgiOk+m/9Bw8FRwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFC3EGEBLzOGuQCad4lpkqU3J2yAnMB8GA1UdIwQY MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et NWVjOGM4ZWQ2MGZkLzEvTGNRWVFFdk00YTVBSnAzaVdtU3BUY25iSUNjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQCQ MA0GCSqGSIb3DQEBCwUAA4IBAQB2IY1DtClhV0CShHJOHMeVIf3EJLeX3TrEfmNU wNcY+B7s/bEZV8/+8S2lRnatmFcYRFH9SY3Fgf4N3N1N5q1qMZBW1n+gRK9LO9Vl N0bDGIDeH2ZQbuQxFv/JoyxTF8Vni6y0veQgtH713LDcrhmWMRx45mUyBm2eBWnl bceI2ALltRYcDyspLSA0ISR+9WqbH0T/AsgHISjp/dYfmIoy6d3Hz1x4kYbfekK6 Y5N3yLZIlbxAYlP7VsGb64VVTRMwkO1XveAAPOhKWP/gDpgDqnm0ZMHbkCRYmgOH K9Of/bp5t+3B1f2+sdaEwn27Us1ccYBCxlHBvHKhuzYlPL+9 -----END CERTIFICATE-----Generated at Tue Jan 20 02:45:05 2026 by rpki-client